public function setUp() { $_SERVER['REQUEST_METHOD'] = 'REPORT'; DAV::$REGISTRY = new DAV_Test_Registry(); DAV::$REGISTRY->setResourceClass('DAVACL_Test_Resource'); DAV_Multistatus::reset(); }
/** * Returns the HTTP 405 Method Not Allowed status code * * This will only be called when an unknown/unsupported HTTP method is used. So * We'll return the correct status code and explain which methods are allowed. * * @param DAV_Resource $resource * @return void * @throws DAV_Status */ public function handle($resource) { $allow = implode(', ', self::$ALLOWED_METHODS); DAV::header("Allow: {$allow}"); $status = new DAV_Status(DAV::HTTP_METHOD_NOT_ALLOWED, "Allowed methods: {$allow}"); $status->output(); }
/** * Handles a POST request * @param DAV_Resource $resource * @return void * @throws DAV_Status */ public function handle($resource) { $resource->assertLock(); $headers = array(); try { ob_start(); $entity = $resource->method_POST($headers); } catch (DAV_Status $e) { ob_end_clean(); throw $e; } if ($length = ob_get_length()) { $headers['Content-Length'] = $length; DAV::header($headers); ob_end_flush(); return; } else { ob_end_clean(); } if (is_string($entity)) { $headers['Content-Length'] = strlen($entity); DAV::header($headers); echo $entity; return; } DAV::header($headers); }
public function setUp() { $_SERVER['REQUEST_METHOD'] = 'UNKNOWN'; $this->obj = DAV_Request::inst(); DAV::$REGISTRY = new DAV_Test_Registry(); DAV::$REGISTRY->setResourceClass('DAVACL_Test_Resource'); }
/** * Because we can't be sure we're using PHP 5.4 or higher, we can't use traits. * Instead, we use this global function to do the general setup for tests * * @return void */ function setUp() { reset_SERVER(); \DAV::$REGISTRY = new \BeeHub_Registry(); \DAV::$LOCKPROVIDER = new \BeeHub_Lock_Provider(); \DAV::$ACLPROVIDER = new \BeeHub_ACL_Provider(); \BeeHub::setAuth(new BeeHub_Auth(new \SimpleSAML_Auth_Simple('BeeHub'))); }
public function setUp() { $_SERVER['REQUEST_METHOD'] = 'MKCOL'; $this->obj = DAV_Request::inst(); DAV::$REGISTRY = new DAV_Test_Registry(); DAV::$REGISTRY->setResourceClass('DAV_Resource'); DAV::$LOCKPROVIDER = null; }
public function setUp() { $_SERVER['REQUEST_METHOD'] = 'PROPPATCH'; DAV::$REGISTRY = new DAV_Test_Registry(); DAV::$REGISTRY->setResourceClass('DAVACL_Test_Resource'); DAV::$LOCKPROVIDER = null; DAV_Multistatus::reset(); }
public function setUp() { $_SERVER['REQUEST_METHOD'] = 'DELETE'; $_SERVER['HTTP_DEPTH'] = 'infinity'; $_SERVER['REQUEST_URI'] = '/path/to/resource'; DAV::$REGISTRY = new DAV_Test_Registry(); DAV::$REGISTRY->setResourceClass('DAVACL_Test_Resource'); dav::$LOCKPROVIDER = new DAV_Test_Lock_Provider(); $this->obj = DAV_Request::inst(); }
/** * Handles the UNLOCK request * * @param DAV_Resource $resource * @return void * @throws DAV_Status */ protected function handle($resource) { if (!DAV::$LOCKPROVIDER) { throw new DAV_Status(DAV::HTTP_FORBIDDEN); } $lock = DAV::$LOCKPROVIDER->getlock(DAV::getPath()); if (!$lock || $this->locktoken !== $lock->locktoken) { throw new DAV_Status(DAV::HTTP_CONFLICT, DAV::COND_LOCK_TOKEN_MATCHES_REQUEST_URI); } DAV::$LOCKPROVIDER->unlock($lock->lockroot); DAV::header(array('status' => DAV::HTTP_NO_CONTENT)); }
/** * Parses a piece of XML with <D:href> pieces * * @param string $hrefs * @return DAV_Element_href * @throws DAV_Status */ public static function parse_hrefs($hrefs) { $href = new DAV_Element_href(); if (!preg_match('@^\\s*(?:<D:href(?:\\s+[^>]*)?>\\s*[^\\s<]+\\s*</D:href>\\s*)*$@', $hrefs)) { return $href; } preg_match_all('@<D:href(?:\\s+[^>]*)?>\\s*([^\\s<]+)\\s*</D:href>@', $hrefs, $matches); foreach ($matches[1] as $match) { $href->addURI(DAV::parseURI($match, false)); } return $href; }
/** * Checks that the Depth header is correct and then handles a DELETE request * @param DAV_Resource $resource * @return void * @throws DAV_Status */ protected function handle($resource) { if (DAV::DEPTH_INF !== $this->depth()) { throw new DAV_Status(DAV::HTTP_BAD_REQUEST, 'Only Depth: infinity is allowed for DELETE requests.'); } self::delete($resource); if (DAV_Multistatus::active()) { DAV_Multistatus::inst()->close(); } else { DAV::header(array('status' => DAV::HTTP_NO_CONTENT)); } }
/** * Handles the OPTIONS request * @param DAV_Resource $resource * @return void * @throws DAV_Status */ protected function handle($resource) { $headers = array('DAV' => array('1' . (DAV::$LOCKPROVIDER ? ', 2' : '') . ', 3', 'access-control', '<http://apache.org/dav/propset/fs/1>'), 'MS-Author-Via' => 'DAV', 'Allow' => implode(', ', self::$ALLOWED_METHODS), 'Content-Length' => 0); if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) { $headers['Access-Control-Allow-Methods'] = $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']; } if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'])) { $headers['Access-Control-Allow-Headers'] = $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']; } if ($resource instanceof DAV_Resource) { DAV::header($resource->method_OPTIONS($headers)); } else { DAV::header($headers); } }
public function setUp() { $_SERVER['REQUEST_METHOD'] = 'HEAD'; $headers = array(); $headers['Content-Length'] = 100; $headers['Content-Type'] = 'text/plain'; $headers['ETag'] = 'an ETag'; $headers['Last-Modified'] = '11-12-13 14:15'; $headers['Content-Language'] = 'nl'; $headers['Accept-Ranges'] = 'bytes'; $resource = $this->getMock('DAVACL_Test_Resource', array('method_HEAD'), array($_SERVER['REQUEST_URI'])); $resource->expects($this->once())->method('method_HEAD')->will($this->returnValue($headers)); DAV::$REGISTRY = new DAV_Test_Registry(); DAV::$REGISTRY->setResourceClass($resource); $this->obj = DAV_Request::inst(); }
/** * Traverse over the files and subdirectories * * @global MongoCollection $collection The MongoDB collection * @global Array $CONFIG The configuration parameters * @param DirectoryIterator $iterator The DirectoryIterator to iterate over * @return void */ function traverse($iterator) { global $collection, $CONFIG; foreach ($iterator as $fileinfo) { $file = $fileinfo->getPathname(); if ($fileinfo->isDot()) { continue; } elseif ($fileinfo->isDir()) { traverse(new DirectoryIterator($file)); } $attributes = xattr_list($file); $stored_props = array(); if (!$fileinfo->isDir()) { $encodedKey = str_replace(array('%', '$', '.'), array('%25', '%24', '%2E'), DAV::PROP_GETCONTENTLENGTH); $stored_props[$encodedKey] = $fileinfo->getSize(); } foreach ($attributes as $attribute) { $decodedKey = rawurldecode($attribute); $value = xattr_get($file, $attribute); // Transform the value of the owner and sponsor properties (but only if necessary) if (($decodedKey === 'DAV: owner' || $decodedKey === 'http://beehub.nl/ sponsor') && substr($value, 0, 1) === '/') { $value = rawurldecode(basename($value)); } // Property names are already stored url encoded in extended attributes, but we just need it a few characters to be encoded. // This url encodes only the characters needed to create valid mongoDB keys. You can just run rawurldecode to decode it. $encodedKey = str_replace(array('%', '$', '.'), array('%25', '%24', '%2E'), $decodedKey); $stored_props[$encodedKey] = mb_convert_encoding($value, 'UTF-8'); } $unslashifiedPath = \DAV::unslashify(substr($file, strlen($CONFIG['environment']['datadir']))); if (substr($unslashifiedPath, 0, 1) === '/') { $unslashifiedPath = substr($unslashifiedPath, 1); } if ($unslashifiedPath === '') { $depth = 0; } else { $depth = substr_count($unslashifiedPath, '/') + 1; } $document = array('path' => mb_convert_encoding($unslashifiedPath, 'UTF-8'), 'depth' => $depth, 'props' => $stored_props); if ($fileinfo->isDir()) { $document['collection'] = true; } $collection->save($document); } }
/** * Checks and handles MKCOL request * @param DAV_Resource $resource * @return void * @throws DAV_Status */ protected function handle($resource) { if ($resource) { if ($resource->isVisible()) { throw new DAV_Status(DAV::HTTP_METHOD_NOT_ALLOWED); } throw DAV::forbidden(); } $resource = DAV::$REGISTRY->resource(dirname(DAV::getPath())); if (!$resource or !$resource->isVisible()) { throw new DAV_Status(DAV::HTTP_CONFLICT, 'Unable to MKCOL in unknown resource'); } if (!$resource instanceof DAV_Collection) { throw new DAV_Status(DAV::HTTP_METHOD_NOT_ALLOWED); } if (0 < (int) @$_SERVER['CONTENT_LENGTH']) { throw new DAV_Status(DAV::HTTP_UNSUPPORTED_MEDIA_TYPE); } $resource->assertLock(); $resource->method_MKCOL(basename(DAV::getPath())); DAV::redirect(DAV::HTTP_CREATED, DAV::getPath()); }
<?php if (isset($this) && false !== strpos($this->user_prop_getcontenttype(), 'xml')) { echo DAV::xml_header(); } ?> <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta name="viewport" content="width=device-width, initial-scale=1.0" /> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> <title>BeeHub</title> <?php if (RUN_CLIENT_TESTS) { ?> <link rel="stylesheet" href="/system/tests/resources/qunit.css" /> <?php } else { ?> <link rel="stylesheet" href="/system/css/jquery-ui.css" /> <link rel="stylesheet" href="/system/bootstrap/css/bootstrap.min.css" /> <link rel="stylesheet" href="/system/bootstrap/css/bootstrap-responsive.min.css" /> <link rel="stylesheet" href="/system/css/beehub.css"/> <link rel="shortcut icon" href="https://www.surfsara.nl/sites/all/themes/st_sara/favicon.ico" type="image/x-icon" /> <?php } ?> <?php echo isset($header) ? $header : ''; ?> </head><body class="bootstrap">
$i = $i + 1; } ?> </div> </div> <!-- End join tab --> <!-- Create tab --> <br/> <div id="bh-gss-panel-create" class="tab-pane fade"> <form id="bh-gss-create-form" class="form-horizontal" action="<?php echo BeeHub::SPONSORS_PATH; ?> " method="post"> <input type="hidden" name="POST_auth_code" value="<?php echo DAV::xmlescape(BeeHub::getAuth()->getPostAuthCode()); ?> " /> <div class="control-group"> <label class="control-label" for="bh-gss-name">Sponsor name</label> <div class="controls"> <input type="text" id="bh-gss-name" name="sponsor_name" required> </div> </div> <div class="control-group"> <label class="control-label" for="bh-gss-display-name">Display name</label> <div class="controls"> <input type="text" id="bh-gss-display-name" name="displayname" required> </div> </div> <div class="control-group">
/** * Handles a DAV:principal-search-property-set REPORT request * * @param DAVACL_Principal_Collection $principal_collection The resource to perform the request on * @return void */ private function handle_principal_search_property_set($principal_collection) { $properties = $principal_collection->report_principal_search_property_set(); echo DAV::xml_header(); echo '<D:principal-search-property-set xmlns:D="DAV:">'; foreach ($properties as $prop => $desc) { echo "\n<D:principal-search-property><D:prop>"; list($namespaceURI, $localName) = explode(' ', $prop); echo "\n<"; switch ($namespaceURI) { case 'DAV:': echo "D:{$localName}"; break; case '': echo "{$localName}"; break; default: echo "ns:{$localName} xmlns:ns=\"{$namespaceURI}\""; } echo '/>'; if ($desc) { echo '<D:description xml:lang="en">' . DAV::xmlescape($desc) . '</D:description>'; } echo '</D:principal-search-property>'; } echo "\n</D:principal-search-property-set>"; }
/** * @param string $path */ public function resource($path) { if (is_array($path)) { $document = $path; $path = '/' . $document['path']; } else { $document = null; } $path = DAV::unslashify($path); $systemPath = DAV::unslashify(BeeHub::SYSTEM_PATH); $usersPath = DAV::unslashify(BeeHub::USERS_PATH); $groupsPath = DAV::unslashify(BeeHub::GROUPS_PATH); $sponsorsPath = DAV::unslashify(BeeHub::SPONSORS_PATH); if (isset($this->resourceCache[$path])) { return $this->resourceCache[$path]; } $localPath = BeeHub::localPath($path); $retval = null; if ($path === '/') { $retval = new BeeHub_Directory($path); } elseif ($path === $systemPath) { $retval = new BeeHub_System_Collection($path); } elseif (substr($path, 0, strlen($usersPath)) === $usersPath) { if ($path === $usersPath) { $retval = new BeeHub_Users($path); } else { try { $retval = new BeeHub_User($path); } catch (Exception $e) { } } } elseif (substr($path, 0, strlen($groupsPath)) === $groupsPath) { if ($path === $groupsPath) { $retval = new BeeHub_Groups($path); } else { try { $retval = new BeeHub_Group($path); } catch (Exception $e) { } } } elseif (substr($path, 0, strlen($sponsorsPath)) === $sponsorsPath) { if ($path === $sponsorsPath) { $retval = new BeeHub_Sponsors($path); } else { try { $retval = new BeeHub_Sponsor($path); } catch (Exception $e) { } } } else { $unslashifiedPath = $path; if (substr($unslashifiedPath, 0, 1) === '/') { $unslashifiedPath = substr($unslashifiedPath, 1); } $collection = BeeHub::getNoSQL()->files; if (!is_array($document)) { $document = $collection->findOne(array('path' => $unslashifiedPath)); } if (!is_null($document)) { if (isset($document['collection']) && $document['collection']) { $retval = new BeeHub_Directory($document); } else { $retval = new BeeHub_File($document); } } else { return null; } } return $this->resourceCache[$path] = $retval; }
$sysDir = substr($sysDir, 1); } $fileDocument = array('path' => $sysDir, 'depth' => substr_count($sysDir, '/') + 1, 'collection' => true, 'props' => array()); $filesCollection->insert($fileDocument); } // Add the user's home directory with different properties $fileDocument = array('path' => \DAV::unslashify($userdir), 'collection' => true, 'props' => array(\DAV::PROP_OWNER => $username)); if (substr($fileDocument['path'], 0, 1) === '/') { $fileDocument['path'] = substr($fileDocument['path'], 1); } $fileDocument['depth'] = substr_count($fileDocument['path'], '/') + 1; $encodedKey = str_replace(array('%', '$', '.'), array('%25', '%24', '%2E'), \BeeHub::PROP_SPONSOR); $fileDocument['props'][$encodedKey] = DEFAULT_SPONSOR_NAME; $filesCollection->insert($fileDocument); // Add the group directory with different properties $fileDocument = array('path' => \DAV::unslashify(\basename($config['namespace']['admin_group'])), 'collection' => true, 'props' => array(\DAV::PROP_ACL => '[["' . $config['namespace']['admin_group'] . '",false,["DAV: read", "DAV: write"],false]]')); if (substr($fileDocument['path'], 0, 1) === '/') { $fileDocument['path'] = substr($fileDocument['path'], 1); } $fileDocument['depth'] = substr_count($fileDocument['path'], '/') + 1; $encodedKey = str_replace(array('%', '$', '.'), array('%25', '%24', '%2E'), \BeeHub::PROP_SPONSOR); $fileDocument['props'][$encodedKey] = DEFAULT_SPONSOR_NAME; $filesCollection->insert($fileDocument); } else { \header('HTTP/1.1 500 Internal Server Error'); \ob_end_flush(); print "\nUnable to create the system directories\n"; exit; } print "ok\n"; // Then import the database structure
/** * This should be a identical copy of DAV_Multistatus::__construct() */ private function __construct() { DAV::header(array('Content-Type' => 'application/xml; charset="utf-8"', 'status' => DAV::HTTP_MULTI_STATUS)); echo DAV::xml_header() . '<D:multistatus xmlns:D="DAV:">'; }
echo DAV::xmlescape($this->user_prop_displayname()); ?> " required data-org-name="<?php echo DAV::xmlescape($this->user_prop_displayname()); ?> "/> </div> </div> <div class="control-group"> <label class="control-label bh-gs-display-gs" for="bh-gs-sponsor-description">Group description</label> <div class="controls"> <textarea class="input-xlarge" id="bh-gs-sponsor-description" rows="5" name="description" data-org-name="<?php echo DAV::xmlescape($this->user_prop(BeeHub::PROP_DESCRIPTION)); ?> "><?php echo DAV::xmlescape($this->user_prop(BeeHub::PROP_DESCRIPTION)); ?> </textarea> </div> </div> <div class="control-group"> <div class="controls"> <button type="submit" class="btn btn-primary">Save</button> </div> </div> </form> </div> <!-- End edit tab --> <!-- Usage tab --> <br/>
* * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * * @package pieterb\dav */ namespace pieterb\dav; /** * An autoloader for if this library is not used through Composer * * @param string $class The class to load * @return void */ function autoloader($class) { $elements = \explode('\\', $class); $classLocalName = $elements[\count($elements) - 1]; $localPath = __DIR__ . \DIRECTORY_SEPARATOR . $classLocalName . '.php'; if (is_readable($localPath)) { require_once $localPath; } } \spl_autoload_register('pieterb\\dav\\autoloader'); // Then, let's call the \DAV::bootstrap() function to make sure this file is // backwards compatible \DAV::bootstrap(); // End of file
* Copyright ©2013 SURFsara b.v., Amsterdam, The Netherlands * * Licensed under the Apache License, Version 2.0 (the "License"); you may * not use this file except in compliance with the License. You may obtain * a copy of the License at <http://www.apache.org/licenses/LICENSE-2.0> * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. * * @package DAV * @subpackage tests */ DAV::$testMode = true; // Turn on test mode, so headers won't be sent, because sending headers won't work as all tests are run from the commandline $_SERVER = array(); $_SERVER['SERVER_PROTOCOL'] = 'HTTP/1.1'; $_SERVER['SCRIPT_NAME'] = 'bootstrap.php'; // Strange enough, PHPunit seems to use this, so let's set it to some value $_SERVER['SERVER_NAME'] = 'example.org'; $_SERVER['SERVER_PORT'] = 80; $_SERVER['REQUEST_URI'] = '/path'; $_SERVER['REQUEST_METHOD'] = 'GET'; $_SERVER['HTTP_USER_AGENT'] = 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:24.0) Gecko/20100101 Firefox/24.0'; function loadMocks() { $mockPath = realpath(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'mocks' . DIRECTORY_SEPARATOR; // These two are required by other classes, so let's load them now manually so they are there at least in time require_once $mockPath . 'DAVACL_Test_Resource.php';
<li><a href="<?php echo BeeHub::urlbase(true) . DAV::getPath() . '?login=passwd'; ?> ">With username/password</a></li> <?php if (@BeeHub_Auth::inst()->simpleSaml()->isAuthenticated()) { ?> <li><a href="<?php echo DAV::getPath() . '?logout=yes'; ?> ">Log out from SURFconext</a></li> <?php } else { ?> <li><a href="<?php echo BeeHub::urlbase(true) . DAV::getPath() . '?login=conext'; ?> ">With SURFconext</a></li> <?php } ?> <li><a href="<?php echo BeeHub::urlbase(true) . '/system/password_reset.php'; ?> ">I forgot my password</a></li> </ul> </li> <?php } ?> <li class="beehub-spacer-surfsara-logo visible-desktop"></li>
require_once dirname(dirname(__FILE__)) . DIRECTORY_SEPARATOR . 'vendor' . DIRECTORY_SEPARATOR . 'autoload.php'; DAV::bootstrap(); set_exception_handler(array('BeeHub', 'exception_handler')); // We need SimpleSamlPHP require_once BeeHub::$CONFIG['environment']['simplesamlphp'] . 'lib' . DIRECTORY_SEPARATOR . '_autoload.php'; if (isset($_SERVER['HTTP_ORIGIN']) && !empty($_SERVER['HTTP_ORIGIN']) && parse_url($_SERVER['HTTP_ORIGIN'], PHP_URL_HOST) != $_SERVER['SERVER_NAME']) { die('Cross Origin Resourc Sharing prohibited!'); } DAV::$PROTECTED_PROPERTIES[DAV::PROP_GROUP_MEMBER_SET] = true; DAV::$ACL_PROPERTIES[BeeHub::PROP_SPONSOR] = 'sponsor'; DAV::addSupported_Properties(BeeHub::PROP_SPONSOR, 'sponsor'); BeeHub::handle_method_spoofing(); DAV::$REGISTRY = BeeHub_Registry::inst(); DAV::$LOCKPROVIDER = BeeHub_Lock_Provider::inst(); DAV::$ACLPROVIDER = BeeHub_ACL_Provider::inst(); DAV::$UNAUTHORIZED = array(BeeHub::getAuth(), 'unauthorized'); // In case of POST requests, we can already check the POST authentication code if ($_SERVER['REQUEST_METHOD'] === 'POST') { if (!BeeHub::getAuth()->checkPostAuthCode()) { throw new DAV_Status(DAV::HTTP_FORBIDDEN, 'POST authentication code (POST_auth_code) was incorrect. The correct code can be obtained with a GET request to /system/?POST_auth_code'); } } // Prepare test environments if needed if (APPLICATION_ENV === BeeHub::ENVIRONMENT_TEST && isset($_GET['test'])) { if (substr($_SERVER['REQUEST_URI'], 0, 19) !== '/foo/client_tests/?') { header('Location: /foo/client_tests/?' . $_SERVER['QUERY_STRING']); die; } define('RUN_CLIENT_TESTS', true); } else { define('RUN_CLIENT_TESTS', false);
public function testHandleToUnexisting() { // Unable to COPY to unexisting destination collection // Make a return map so the registry will return null when de collection of the destination is requested $returnMap = array(); $returnMap[] = array($_SERVER['REQUEST_URI'], new DAVACL_Test_Resource($_SERVER['REQUEST_URI'])); $returnMap[] = array(dirname($_SERVER['REQUEST_URI']), null); $tempRegistry = DAV::$REGISTRY; DAV::$REGISTRY = $this->getMock('DAV_Registry'); DAV::$REGISTRY->expects($this->any())->method('resource')->will($this->returnValueMap($returnMap)); $this->expectOutputString(<<<EOS Content-Type: text/plain; charset="UTF-8" HTTP/1.1 409 Conflict HTTP/1.1 409 Conflict Unable to COPY to unexisting destination collection EOS ); $this->obj->handleRequest(); DAV::$REGISTRY = $tempRegistry; }
/** * Handle the PROPPATCH request * * @param DAV_Resource $resource * @return void * @throws DAV_Status */ protected function handle($resource) { $resource->assertLock(); if (empty($this->props)) { throw new DAV_Status(DAV::HTTP_BAD_REQUEST, 'No properties found in request body.'); } $priv_write = $resource->property_priv_write(array_keys($this->props)); $errors = array(); foreach ($this->props as $name => $value) { try { if (@DAV::$PROTECTED_PROPERTIES[$name]) { throw new DAV_Status(DAV::HTTP_FORBIDDEN, DAV::COND_CANNOT_MODIFY_PROTECTED_PROPERTY); } if (!@$priv_write[$name]) { throw DAV::forbidden(); } $resource->method_PROPPATCH($name, $value); } catch (DAV_Status $e) { $errors[$name] = $e; } } $response = new DAV_Element_response(DAV::getPath()); if (empty($errors)) { try { $resource->storeProperties(); } catch (DAV_Status $e) { foreach (array_keys($this->props) as $propname) { $errors[$propname] = $e; } } } if (empty($errors)) { foreach (array_keys($this->props) as $propname) { $response->setStatus($propname, DAV_Status::$OK); } } else { $failed_dependency = new DAV_Status(DAV::HTTP_FAILED_DEPENDENCY); foreach (array_keys($this->props) as $propname) { if (!isset($errors[$propname])) { $errors[$propname] = $failed_dependency; } } foreach ($errors as $propname => $status) { $response->setStatus($propname, $status); } } DAV_Multistatus::inst()->addResponse($response); DAV_Multistatus::inst()->close(); }
/** * Stores properties set earlier by set(). * @return void * @throws DAV_Status in particular 507 (Insufficient Storage) */ public function storeProperties() { if (!$this->touched) { return; } $collection = BeeHub::getNoSQL()->users; $document = $collection->findOne(array('name' => $this->name)); if (isset($this->stored_props[DAV::PROP_DISPLAYNAME])) { $document['displayname'] = $this->stored_props[DAV::PROP_DISPLAYNAME]; } else { unset($document['displayname']); } if (isset($this->stored_props[BeeHub::PROP_X509])) { $document['x509'] = $this->stored_props[BeeHub::PROP_X509]; } else { unset($document['x509']); } // Check whether the SURFconext ID already exists if (isset($this->stored_props[BeeHub::PROP_SURFCONEXT])) { $conextDuplicate = $collection->findOne(array('surfconext_id' => $this->stored_props[BeeHub::PROP_SURFCONEXT]), array('name' => true)); if (!is_null($conextDuplicate) && $conextDuplicate['name'] !== $this->name) { throw new DAV_Status(DAV::HTTP_CONFLICT, "This SURFconext id is already used by a different BeeHub user."); } $document['surfconext_id'] = @$this->stored_props[BeeHub::PROP_SURFCONEXT]; $document['surfconext_description'] = @$this->stored_props[BeeHub::PROP_SURFCONEXT_DESCRIPTION]; } else { unset($document['surfconext_id'], $document['surfconext_description']); } $p_sponsor = basename(@$this->stored_props[BeeHub::PROP_SPONSOR]); if (isset($document['sponsors']) && is_array($document['sponsors']) && in_array($p_sponsor, $document['sponsors'])) { $document['default_sponsor'] = $p_sponsor; } $change_email = false; if (@$this->stored_props[BeeHub::PROP_EMAIL] !== @$document['email']) { $change_email = true; $document['unverified_email'] = @$this->stored_props[BeeHub::PROP_EMAIL]; $document['verification_code'] = md5(time() . '0-c934q2089#$#%@#$jcq2iojc43q9 i1d' . rand(0, 10000)); $document['verification_expiration'] = time() + 60 * 60 * 24; } // Write all data to database $saveResult = $collection->save($document); if (!$saveResult['ok']) { throw new DAV_Status(DAV::HTTP_INTERNAL_SERVER_ERROR); } // Notify the user if needed if ($change_email) { $activation_link = BeeHub::urlbase(true) . DAV::encodeURIFullPath($this->path) . '?verification_code=' . $document['verification_code']; $message = 'Dear ' . $document['displayname'] . ', This e-mail address (' . $document['unverified_email'] . ') is added to the BeeHub account \'' . $this->name . '\'. You need to confirm this action by following this link: ' . $activation_link . ' If this link doesn\'t work, on your profile page go to the tab \'Verify e-mail address\' and fill out the following verification code: ' . $document['verification_code'] . ' Note that your verification code is only valid for 24 hours. Also, for new users, if you don\'t have a validated e-mail address, your account will automatically be removed after 24 hours. If this was a mistake, or you do not want to add this e-mail address to this BeeHub account, you don\'t have to do anything. Best regards, BeeHub'; BeeHub::email(array($document['unverified_email'] => $document['displayname']), 'Verify e-mail address for BeeHub', $message); } // Update the json file containing all displaynames of all privileges self::update_principals_json(); $this->touched = false; }
public function testHandle() { DAV::$LOCKPROVIDER = $this->getMock('DAV_Test_Lock_Provider', array('unlock')); DAV::$LOCKPROVIDER->expects($this->once())->method('unlock')->with($this->equalTo($_SERVER['REQUEST_URI']))->will($this->returnValue(true)); DAV::$LOCKPROVIDER->returnLock(true); $this->expectOutputString(<<<EOS HTTP/1.1 204 No Content EOS ); $this->obj->handleRequest(); }